The widespread adoption of digital transactions, while providing unparalleled convenience and efficiency, has also led to an increase in fraudulent activities, raising serious concerns that require collective action. The customer’s mobile number has become a key identifier in account authentication and verification processes, serving as the recipient of sensitive payment communications like OTPs, transaction alerts, and account updates. Unfortunately, this same identifier is susceptible to misuse by fraudsters, who exploit it to commit various types of online and other frauds.
To mitigate the risks associated with mobile number misuse, the RBI has advised the Regulated Entities to implement the following measures:
- Utilise the Mobile Number Revocation List (MNRL)1 available on the Digital Intelligence Platform (DIP) developed by the Department of Telecommunications (DoT), Ministry of Communications, to monitor and clean their customer database. To enhance fraud risk monitoring and prevention, the REs are advised to develop Standard Operating Procedures (SOP) incorporating the required action to be taken including: updating the registered mobile number(RMN) after due verification; enhanced monitoring of accounts linked to these revoked mobile numbers for preventing the linked accounts from being operated as Money Mules and/or being involved in cyber frauds, etc.
- Provide the verified details of their customer care numbers to DIP for enabling DoT to publish them on the Sanchar Saathi portal.
- Undertake transactional / service calls only using ‘1600xx’ numbering series, when operationalised; undertake promotional voice calls only through phone numbers using ‘140xx’ numbering series; follow the “Important Guidelines for sending commercial communication using telecom resources through Voice Calls or SMS” issued by Telecom Regulatory Authority of India (TRAI). REs are also advised to undertake awareness measures in this regard through emails, SMS and other modes, including in vernacular languages.
All REs have been advised to ensure compliance with the above by March 31, 2025.
